OpenClonk Bugtracker - OpenClonk
View Issue Details
0001992OpenClonkEnginepublic2018-02-10 17:402018-02-17 12:00
Reporterpkern 
Assigned ToLuchs 
PrioritynormalSeveritymajorReproducibilityalways
StatusresolvedResolutionfixed 
PlatformDebian GNU/Linux testing/sidOSLinuxOS Version 
Product Version8.0 
Target Version8.1Fixed in Version8.1 
Summary0001992: OpenClonk 8.0 does not compile with -Werror=format-security
Description-Werror=format-security is the default on Debian to guard against format string bugs. Unfortunately this means that people trying to implement their own printf break compilation. In this case at least C4AulCompiler.cpp fails to compile:

[...]
template<class... T>
static C4AulParseError Error(const C4ScriptHost *target_host, const C4ScriptHost *host, const char *SPos, const C4AulScriptFunc *func, const char *msg, T &&...args)
{
        std::string message = sizeof...(T) > 0 ? strprintf(msg, std::forward<T>(args)...) : msg;
[...]

[...]/src/script/C4AulCompiler.cpp:101:52: error: format not a string literal and no format arguments [-Werror=format-security]
  std::string message = sizeof...(T) > 0 ? strprintf(msg, std::forward<T>(args)...) : msg;
                                           ~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Same for Warn(). I quickly tried a format printf annotation but even that did not resolve the issue, as the argument passed into strprintf was not recognized as a string literal, which sort of makes sense. It would probably be fine to just filter it out, but then the filtering should likely be confined to the compilation unit that fails with it rather than all of them.
TagsNo tags attached.
Attached Files

Notes
(0006124)
Luchs   
2018-02-11 15:41   
There's already some discussion about this on github [1][2].

There was one legitimate case of -Wformat-security which I fixed in [3]. I consider the remaining two cases to be a bug in GCC as they're in code which is never executed (and likely thrown out before code generation).

We should probably just disable -Wformat-security for C4AulCompiler.cpp until GCC can handle it properly in templated code like this.

@Maikel: Please cherry-pick commit [3] before releasing 8.1 (I can't do it before next (next) week).

[1]: https://github.com/openclonk/openclonk/issues/64
[2]: https://github.com/openclonk/openclonk/pull/65
[3]: https://github.com/openclonk/openclonk/commit/08edf3bb583f55cf5bf7ba1050ba86632f02a6e0
(0006139)
occ   
2018-02-17 11:59   
Hi! There's been a check-in that references this bug. For more information you can visit the repository browser at this address:
https://git.openclonk.org/openclonk.git/commitdiff/334c57f2968263276ae12d69c262111a6d53ade2

Changeset 334c57f by Lukas Werling <lukas.werling@gmail.com>
Disable -Wformat-security in parts of C4AulCompiler (0001992, GH-64)


Issue History
2018-02-10 17:40pkernNew Issue
2018-02-10 22:06MaikelTarget Version => 8.1
2018-02-11 15:41LuchsNote Added: 0006124
2018-02-11 15:42LuchsAssigned To => Luchs
2018-02-11 15:42LuchsStatusnew => acknowledged
2018-02-17 11:59occNote Added: 0006139
2018-02-17 12:00LuchsStatusacknowledged => resolved
2018-02-17 12:00LuchsResolutionopen => fixed
2018-02-17 12:00LuchsFixed in Version => 8.1